I wanted to be on the dev’s side here. CLA’s can be reasonable and I’ve happily let others convert my GPL code to them before. But reading the Open WebUI developer’s blog [1] makes it evident this isn’t really about the community — as he says, “It’s just me” and what he wants that matters for Open WebUI.

[0]: https://github.com/open-webui/open-webui/pull/8468/files [1]: https://jryng.com/thoughts/my-purpose

Saying "at least 4" is pretty misleading here, since you're assuming the 0.5% is perfectly distributed. That estimate could be accurate without a single innocent in these specific 850.

Given that this is a jail and not a prison, these people are mostly awaiting trial. From a certain point of view (innocent until proven guilty), most of these people are innocent and they can't even get a letter.

The fact is that these are fellow humans who are suffering, not because we decided as a society that this was what justice means, nor because this was the result of some study that figured out this would decrease recidivism, but just because some for profit institution decided they wanted to do something that would directly result in them suffering. That is enough for me to support this lawsuit.

Quoting from the Universal approximation theory's Wikipedia, "neural networks can represent a wide variety of interesting functions." While they may be much better at pattern recognition, it's possible to produce almost anything with one, including Go moves, if you can devise a method to interpret the outputs.

I think that's "true and false". Yes, NNs produce a "chance of being X" but no, NNs don't naturally produce a human-intuitive "degree of being X". If the NN is looking for a "red fire engine", it's not necessarily going to produce "degree of redness" as its output.

-- As to neural nets representing many functions; neural nets, Taylor series, Fourier series and so-forth can represent/approximate "any function". True but effectively irrelevant. What matters is what function a given methodology can be trained, programmed or whatever into representing.

That's incorrect. https://arxiv.org/abs/1602.02830

Email is basically free, works well for up to 5 megabytes of data, and data security isn't much of an issue for open source work. The post suggests quite a few tools that improve the Git-email workflow, and I think some do prefer those to certain web-hosted Git interfaces.

> there's plenty of standard ways to transmit data that aren't SMTP

Are they free, federated, and as reliable as email? It may be inferior in some technical ways, but it's still a rational choice for small non-private data transfers, such as a Git patch or any another text.

Is that the case? It seems like you may be focusing on specifically the privacy aspect of "security". I'd say that email is equally bad at ensuring integrity and authenticity, which are crucial aspects of security for open source work that's consumed by others. We can attempt to backfill those gaps in email using GPG and other tools, but we're trying to put a bandaid over a mortal wound in a lot of ways. Recent vulns have highlighted what has been known for a while: trying to ensure the authenticity and integrity of a protocol as broad as email with as much client-side complexity is a losing battle.

I can easily disable Pocket, Autofill, and Screenshots in about:config, and Firefox support explains that. With this extension, I'm missing a "extensions.fxmonitor.enabled" option.

I understand it's good to build in optional security features like this, but I don't see how it's acceptable to not notify users or provide an opt-out.

They are missing the about:config setting.. but it's early. Might be a bug, or maybe its not being used(?)

Eventually it'll display a popup in the UI that will notify you if the website you're on has been breached. I think we can all agree that would be useful.

Edit: Here's the code for the add-on: https://github.com/mozilla/blurts-addon

Pretty poor to roll it out without the option of disabling it, especially as I also ticked no tracking.